Secure Coding Standards

Coding standards encourage programmers to follow a uniform set of rules and guidelines determined by the requirements of the project and organization, rather than by the programmer's familiarity or preference. Developers and software designers can apply these coding standards during software development to create secure systems.

The Secure Coding Initiative coordinates the development of secure coding standards by security researchers, language experts, and software developers using a wiki-based community process. More than 1700 contributors and reviewers have participated in the development of secure coding standards on the CERT Secure Coding Standards wiki. The results of this research are coding standards for the C, C++, Java, and Perl programming languages. A coding standard for the Android platform is also being developed.

The Secure Coding Wiki supports the broad-based community development of secure coding standards for commonly used programming languages such as C, C++, Java, and Perl. Contact us to comment on existing items, submit recommendations, or request privileges to directly edit content on the site. 

Research and development of CERT Secure Coding Standards helps us to identify issues with existing language standards and to provide valuable input on issues and fixes to the ISO/IEC standards working groups we participate in.

You can also subscribe to our monthly eNewsletter, which provides timely information about updates to the CERT secure coding standards and includes interesting news and events related to secure coding.